WHAT IS CLAIMED IS: 



1 1. A key auditing system, comprising: 

2 a key server, that provides access to a secret key by an authorized user; 

3 a resource server, that provides access to resources to authorized users, wherein 

4 authorization of a user is determined, at least in part, by the user's possession of a 

5 secret key; 

6 a key server audit database; 

7 a resource server audit database; and 

8 a usage analyzer that analyzes the key server audit database and the resource server audit 

9 database to compare events therein. 

1 2. The key auditing system of claim 1, wherein the resource server is an 

2 application server. 

1 3. The key auditing system of claim 1, wherein the resource server is a 

2 transaction server. 

1 4. The key auditing system of claim 1, wherein the key server maintains a 

2 protection key usable to unlock a secret key held by a user workstation and the resource 

3 server is configured to block access to a resource unless and indication of the unlocking of 

4 the secret key at the user workstation is provided. 

1 5. The key auditing system of claim 4, wherein the secret key is such that it is 

2 only accepted within a pre-determined time period. 

1 6. The key auditing system of claim 1, wherein events are compared 

2 according to a profile that specifies conditions under which keys can be used. 

1 7. The key auditing system of claim 6, wherein the conditions include time 

2 delay limits between when a key is accessed and when the key is used. 

1 8. The key auditing system of claim 6, wherein the conditions include limits 

2 on a number of times that key can be used on a resource server in a given session. 

1 9. The key auditing system of claim 6, wherein the conditions include 

2 whether key usage would be allowed where key access is from a first network address or first 
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3 location and key usage is from a second network address distinct from the first network 

4 address or from a second location distinct from the first location. 



1 10. The key auditing system of claim 1, wherein the usage analyzer is 

2 configured to analyze and compare audit database records in real-time. 

1 11. The key auditing system of claim 10, wherein the usage analyzer is 

2 configured to trigger a disablement of a key usage in real-time response to audit database 

3 record comparisons. 

1 12. The key auditing system of claim 1 , wherein the usage analyzer is 

2 configured as part of the key server. 
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